Activity 5: Give access to EC2 only in the Mumbai region
- Give the user access to create, start and stop instances in the Mumbai region (ap-south-1), and read-only EC2 access in all other regions
- Solution
{
  "Version": "2012-10-17",
  "Id": "activity5_mar2025",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:Describe*",
        "ec2:GetSecurityGroupsForVpc"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "elasticloadbalancing:Describe*",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "cloudwatch:ListMetrics",
        "cloudwatch:GetMetricStatistics",
        "cloudwatch:Describe*"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "autoscaling:Describe*",
      "Resource": "*"
    },
    {
      "Action": "ec2:*",
      "Effect": "Allow",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:RequestedRegion": "ap-south-1"
        }
      }
    }
  ]
}
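To check what the solution above actually permits, the following added example (not part of the original class notes) evaluates sample requests against the policy's EC2 statements with a simplified model of IAM evaluation. `NARROW_POLICY`, the helper names and the sample requests are assumptions made for illustration; the evaluator models only `Action` wildcards and `StringEquals`, and treats every resource as `*`.

```python
from fnmatch import fnmatchcase

# Region condition copied from the page's policy
REGION = {"StringEquals": {"aws:RequestedRegion": "ap-south-1"}}

# EC2 statements of the page's policy (ELB, CloudWatch, Auto Scaling read-only omitted)
PAGE_POLICY = [
    {"Effect": "Allow", "Action": ["ec2:Describe*", "ec2:GetSecurityGroupsForVpc"], "Resource": "*"},
    {"Effect": "Allow", "Action": "ec2:*", "Resource": "*", "Condition": REGION},
]

# Assumption (not from the page): same condition, but only the three actions the task names
NARROW_POLICY = [
    PAGE_POLICY[0],
    {"Effect": "Allow", "Resource": "*", "Condition": REGION,
     "Action": ["ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances"]},
]

def _as_list(value):
    return value if isinstance(value, list) else [value]

def statement_matches(stmt, action, context):
    # IAM action names are case-insensitive and may contain wildcards
    if not any(fnmatchcase(action.lower(), p.lower()) for p in _as_list(stmt["Action"])):
        return False
    # Only the StringEquals operator is modelled; every listed key must match
    for key, expected in stmt.get("Condition", {}).get("StringEquals", {}).items():
        if context.get(key) not in _as_list(expected):
            return False
    return True

def is_allowed(policy, action, region):
    # Simplified evaluation: explicit Deny wins, else any Allow, else implicit deny
    context = {"aws:RequestedRegion": region}
    matched = [s for s in policy if statement_matches(s, action, context)]
    if any(s["Effect"] == "Deny" for s in matched):
        return False
    return any(s["Effect"] == "Allow" for s in matched)

if __name__ == "__main__":
    # Constructed sample requests: (action, region)
    for action, region in [("ec2:DescribeInstances", "us-east-1"), ("ec2:RunInstances", "ap-south-1"),
                           ("ec2:RunInstances", "us-east-1"), ("ec2:TerminateInstances", "ap-south-1")]:
        print(f"{action:26} {region:11} page={is_allowed(PAGE_POLICY, action, region)} "
              f"narrow={is_allowed(NARROW_POLICY, action, region)}")
```

The run shows that `ec2:*` also permits `ec2:TerminateInstances` in ap-south-1, while the narrower action list does not. In a real account, a launch can need further permissions such as `ec2:CreateTags` or `iam:PassRole`, depending on the launch parameters.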
What are Roles in AWS IAM?
- A role is a permission given to an AWS resource so that it can access other AWS resources.
I want to give an EC2 instance full access to S3
- Watch the classroom recording for a sample demonstration
What are Groups in AWS IAM?
- Groups are collections of users, used for organizing permissions.
- Watch the classroom recording for a sample demonstration